Security firms taking days to block malware
Can you hold on till Friday?
Anti-malware vendors can take up to 92.48 hours to block malicious sites, potentially leaving clients in blissful ignorance of threats to their systems in the meantime.
Security researchers NSS Labs reviewed a range of endpoint security products from ten big-name security vendors and their response to "socially engineered or consensual malware threats".
It said 15,000 to 50,000 such threats were presenting themselves per day.
Effectiveness rates varied from a 35 per cent block rate to a more comforting 88.3 per cent.
Vendors' average times to respond to new threats ranged from 4.62 hours to 92.48 hours, with the high end turned in by Panda, NSS Labs said. Of the 10 vendors profiled, just three managed response times of less than 30 hours.
The researchers concluded that vendors with "in the cloud reputation systems" kept much more malware off their clients' desktops.
Sadly, most vendors do not have such systems, or, the report concluded, they are still immature and have yet to have an impact on detection rates.
Vendors covered by the survey were: AVG, Norman, ESET, Panda, F-Secure, Sophos, Kaspersky, Symantec, McAfee, and Trend Micro.
More details here. ®
COMMENTS
Hmmmm
As 3G and heyrick have reported, this report weighs in at a handsome 500 USD per copy. It may be worthwhile considering this little nugget before posting such a story?
Or you could set up a forum where we could collaborate and organise a multi-user pricing discount!
Quite poor reporting really.....unless of course you're on commission.....
So a non story?
Not even headline figures unless you pay £500 per person to view the report.
I think I'll give it a miss, pointless without the detail.
I already see the evidence
I use one of the AVs mentioned (and not one that gets any regular bashing from the folks on here) and am becoming increasingly aware that I receive obviously malicious email which the AV doesn't recognise as such until 5-24 hours after I received the email.
Then again, seeing as my (personal) server receives one spam every 6 minutes on average, 24/7, I probably get to see more malicious stuff sooner than most....
I'd probably see a lot more malicious stuff pass my AV if I didn't already have my own generic filters in force upstream which send 97% of incoming mail to /dev/null
